The influence of social interaction on auditors' moral reasoning /

Thorne, Linda, 1956-

January 1997

No description available.

Auditing -- Moral and ethical aspects.

Auditors -- Professional ethics.

The audit of management information systems: a study of operational auditing in Canada.

Wightman, Kenneth Ronald.

January 1971

No description available.

Auditing

Management audit

Management information systems

Modeling auditor judgment in nonstatistical sampling

Read, William J.

January 1984

Since its issuance in June 1981, Statement on Auditing Standards (SAS) No. 39, "Audit Sampling," has been the center of much controversy. Practitioners are voicing their concerns as they anticipate difficulties in designing, selecting, and evaluating a nonstatistical sampling procedure in accordance with SAS 39. This proposed exploratory study seeks to identify those factors that underlie the auditor's judgment with respect to nonstatistical sample size decisions in substantive tests. The research will utilize Egon Brunswik's Lens Model to provide mathematical representations of the auditor's judgment process. Correlational statistics will be used to assess judgment accuracy, agreement (consensus) , and auditor "self-insight" into his decision process. The study will provide empirical insight, into whether the auditor's determination of the appropriate extent of testing is consistent with his judgment as to the assurance level needed from his sampling application, or conversely, the degree of risk he is willing to accept. The ability of auditors to formulate their sample size decisions properly is crucial because of their impact on audit effectiveness and efficiency. In addition, this project should provide additional evidence bearing upon the arguments of both proponents and opponents of SAS 39. / Ph. D.

LD5655.V856 1984.R423

Auditing

Sampling (Statistics)

Kredietversekering in die meubelhandel en die funksie van die onafhanklike ouditeur

Nortje, Abraham Hendrik

11 1900

Text in Afrikaans / Professionele etiek word nie altyd in ag geneem met besigheidsbesluite nie. Die vordering van kredietversekeringspremies is waarskynlik 'n voorbeeld daarvan. Die uitneem van kredietversekering is dikwels 'n voorwaarde vir die verlening van krediet deur sommige meubelhandelaars. Geweldige finansiele voordele wat voortspruit uit kredietversekeringskemas lei tot uitbuiting van die publiek deur sekere meubelhandelaars. Die verskillende kredietversekeringskemas wat in die meubelhandel toegepas word, voldoen nie aan die vereistes van die Woekerwet, 1968, en die Versekeringswet, 1943, nie. Hierdie oortredings het dikwels 'n wesenlike uitwerking op die geopenbaarde finansiele inligting van verskeie meubelhandelaars. Dit is die ouditeur se verantwoordelikheid om die statutere vereistes met die vordering van kredietversekeringspremies in ag te neem, aangesien dit 'n onwettige optrede, asook 'n onreelmatigheid kragtens algemeen aanvaarde ouditstandaarde is. Die ouditeur behoort toepaslik verslag te doen oor gevolglike wanvoorstellings van die finansiele inligting van die betrokke meubelhandelaars. Hierdie verantwoordelikheid word egter nie deur alle ouditeure nagekom nie. / The taking out of credit insurance is often a condition for the granting of credit by certain furniture traders. Enormous financial gains arising from credit insurance schemes result in exploitation of the public by certain furniture traders. Various credit insurance schemes in the furniture trade contravene the Usury Act, 1968, and the Insurance Act, 1943. These contraventions often materially affect financial information disclosed by certain furniture traders. It is the auditor's responsibility to consider the statutory requirements for the collection of credit insurance premiums, as this is an illegal act and an irregularity in terms of general accepted auditing standards. The auditor's duty is to appropriately report on resulting misrepresentations of financial information of such furniture traders. Some auditors however, do not comply with this responsibility. / Auditing / M. Compt. (Auditing)

657.450968

Auditing -- South Africa

Consumer credit -- South Africa

Digitalisering och automatisering av revisionen : Hur kan den påverka samt hanteras av branschen?

Andersson, Joakim, Engström, Tim

January 2016

I den rådande ekonomiska miljön tenderar företag att använda sig av IT-system i högre utsträckning för att dokumentera och processa affärstransaktioner. Digitalisering ses som en drivkraft till de mest grundläggande och långsiktiga förändringarna i samhället och Digital i realtid ses som en viktig trend de kommande 10-20 åren för redovisnings- och revisions-branschen. Hur digitaliseringen kommer påverka revisionen ur en svensk kontext är ett relativt outforskat område och syftet med denna uppsats är att analysera revisionsbranschens fortsatta digitalisering och utveckling mot en mer automatiserad process samt utveckla begreppen kring denna förändring. Med hjälp av en kvalitativ studie baserad på personliga intervjuer med programutvecklare och auktoriserade revisorer samt en intervju med Dan Brännström, generalsekreterare på FAR, besvaras studiens problemformulering: Hur ser pågående digitalisering och automatisering inom revisionen ut och hur kan den påverka samt hanteras av branschen? Resultatet visar att den pågående digitaliseringen och automat-iseringen kan höja kvalitén inom revisionen genom att revisionen kan bedrivas mer effektivt, heltäckande och med en ökad pricksäkerhet. Genom att dra nytta av teknologi genomgår revisionen ett skifte mot att använda mer dataanalys och analytisk granskning av företagets hela population av transaktioner. Denna utveckling kan komma att förändra revisorns roll. Revisorn kan, med hjälp av teknologin, skapa sig en mer övergripande bild av verksamheten och hjälpa företaget med svårare frågeställningar på en företagsstrategisk nivå. IT-kunskap samt analytisk förmåga ses som nyckelkompetenser för revisorn i framtiden. Mer komplexa uppgifter tenderar att leda till högre efterfrågan på kvalificerad personal hos revisionsbyråerna samtidigt som behovet av mindre kvalificerad personal kan minska på grund av att enklare uppgifter automatiseras. Detta kompetensskifte skapar ett gap mellan universitetens utbildningar och den allt mer digitala och automatiska revisionsprocessen. Utbildningarna behöver omarbetas och bör inkludera mer IT och dataanalys för att aspirerande revisorer ska ha den kunskap som krävs vid inträde i branschen. / In the current economic environment, companies tend to use IT systems to a greater extent in order to document and process business transactions. Digitalization is seen as a driving force to the most basic and long-term changes in society and Digital in real-time is seen as an important trend over the next 10-20 years for the auditing and accounting profession. How digitalization will affect the audit in the Swedish context is a relatively unexplored area and the purpose of this study is to analyze the audit industry's continued digitalization and development towards a more automated process and to develop concepts of this change. By applying a qualitative study based on personal interviews with software developers and authorized auditors and an interview with Dan Brännström, General Secretary of FAR, we have answered the study's research question: How does the ongoing digitalization and automation within auditing appear and how can it affect and be handled by the industry? The result shows that the ongoing digitalization and automation can increase the quality of the audit since the audit can be conducted more efficiently, comprehensive and with an improved accuracy. By taking advantage of the technology, auditing is experiencing a shift toward using more data analysis and move towards an analytical review of the company's entire population of transactions. This development can change the role of the auditor. The auditor can, with the help of technology, create a more comprehensive picture of the business and help the company with difficult issues at a corporate strategic level. IT knowledge and analytical skills are seen as key competences for the auditor in the future. More complex work tasks tend to create a greater demand for qualified personnel in auditing firms, while the need for less qualified personnel will decrease due to automation of simple tasks. The shift in competencies creates a gap between the universities’ programs and the increasingly digital and automated audit process. The curriculum needs to be redesigned and should include more IT and data analysis to ensure that aspiring auditors possess the knowledge required when entering the industry.

Future of auditing

continuous auditing

digitalization

automation

Framtidens revision

löpande revision

digitalisering

automatisering

A structured technique for applying Risk Based Internal Auditing in information technology environments (with specific reference to IIA RBIA, King Report and CobiT)

Wheeler, Sonya

03 1900

Thesis (M.Comm. (Accountancy))--University of Stellenbosch, 2005. / ENGLISH ABSTRACT: A technique that may be used to incorporate Risk Based Internal Auditing (RBIA) in the IT environment is to follow annual audit planning methodology steps. The IT infrastructure elements are linked to the business processes which they support. Their ranking are based on the risk assessments of the business process, the business process priority, the dependency of the business process on IT and the IT infrastructure element’s own risk assessment. CobiT is used as an auditing method, i.e. best practice guidance to audit against.

Dissertations -- Accountancy

Dissertations -- Accountancy

Theses -- Accountancy

Assignments -- Accountancy

Risk Based Internal Auditing

CobiT processes

Computer auditing

B2B and the supplier : preventing repudiation of orders in an open account system

Butler, Rika, Boshoff, W.

12 1900

Thesis (MAcc)--University of Stellenbosch, 2003.

Theses -- Accountancy

Dissertations -- Accountancy

Theses -- Computer auditing

Dissertations -- Computer auditing

Repudiation of orders

Business to business transactions

Bridging the Information Technology (IT) gap in South Africa through a step by step approach to IT governance

Botha, David Petrus

04 1900

Thesis (Mcomm)--Stellenbosch University, 2014. / ENGLISH ABSTRACT: The focus of this research was to compile a practical, step by step approach that can be followed by those persons charged with the governance of enterprises in South Africa to successfully bridge the information technology gap. The King Code of Corporate Governance for South Africa and the King Report on Corporate Governance for South Africa (together KINGIII) was identified as a starting point for the compilation of the approach. KINGIII is the corporate governance standard in South Africa and in the introduction to KINGIII it is recommended that the principles contained in the Code should be implemented by all entities. KINGIII is the third report on governance issued by the King Committee and introduced governance principles for Information Technology (IT). The Code contains seven IT governance principles and 24 recommended practices. The application of the IT governance principles of KINGIII, as well as the related recommended practices, is a complicated endeavour. This is partly because IT in itself is complex and also partly because the governance of IT is a relatively new area of corporate governance. Through a detailed study of the seven IT governance principles of KINGIII, as well as the related recommended practices and narrative discussions, it was identified that in order to successfully implement IT governance, a company has to establish and implement an IT governance framework which includes relevant structures, processes and mechanisms to enable IT to deliver value to the business. It was also identified that the IT governance framework has to facilitate and enhance the company’s ability to reach its stated objectives by ensuring that the most appropriate decisions are made in respect of the incorporation of IT into the operations of the business. Lastly, it was identified that a company must acquire and use appropriate technology and people to support its business.To address the requirement for the establishment and implementation of relevant structures, processes and mechanisms, a framework of 33 IT governance practices was identified, mapped to the IT governance principles of KINGIII and an analysis performed. Through this analysis the IT governance practices that can be utilised to implement the IT governance principles of KINGIII were identified and discussed. To address the requirement of ensuring that the framework facilitates that the most appropriate decisions are made in respect of the incorporation of IT into the operations of the business, five key decisions that have to be made in respect of IT was identified and discussed. The five decisions were mapped to (1) the KINGIII principles to demonstrate which of the IT governance principles are addressed by each of the decisions and (2) the IT governance structures identified in the framework above to demonstrate which of the IT governance structures can be used to provide input into taking the relevant decision and which can be used to take the decision. Finally, to address the requirement that a company must acquire and use appropriate people and technology to support its business, a framework of organizational competencies required in small and medium-sized enterprises (SME’s) was identified and mapped to (1) the KING III principles to demonstrate which of the IT governance principles could be addressed by each of the relevant competencies and (2) to the five key IT decisions identified above to demonstrate which of the competencies can be utilised to make each of the five key decisions. Based on the findings of the research conducted as set out above, the practical, step by step approach was compiled. / AFRIKAANSE OPSOMMING: Die fokus van hierdie navorsing was die samestelling van ‘n praktiese, stapsgewyse benadering wat gebruik kan word deur daardie persone wat verantwoordelik is vir die korporatiewe beheer van ondernemings in Suid Afrika om suksesvol die inligtings tegnologie (IT) gaping te oorbrug. Die King Code of Corporate Governance for South Africa en die King Report on Corporate Governance for South Africa (gesamentlik KINGIII), was geidentifiseer as ‘n beginpunt vir die samestelling van die benadering. KINGIII is die korporatiewe beheer standaard in Suid Afrika en in die inleiding tot KINGIII word alle ondernemings aanbeveel om die korporatiewe beheer beginsels en gepaardgaande aanbeveelde praktyke te implementeer. KINGIII is die derde verslag oor korporatiewe beheer wat deur die King Komitee uitgereik is en het korporatiewe beheer beginsels met betrekking tot IT bekend gestel. KINGIII bevat sewe koporatiewe beheer beginsels wat met IT verband hou, asook 24 aanbeveelde korporatiewe beheer praktyke. Die toepassing van die IT korporatiewe beheer beginsels van KINGIII, asook die aanbeveelde praktyke, is ‘n ingewikkelde onderneming. Dit is gedeeltelik omdat IT self kompleks is, maar ook omdat die korporatiewe beheer van IT ‘n relatiewe nuwe area van korporatiewe beheer is. Deur middel van ‘n in diepte studie van die sewe korporatiewe beheer beginsels van KINGIII, insluitend die aanbeveelde korporatiewe beheer praktyke en besprekings, is daar geïndetifiseer dat ‘n IT korporatiewe beheer raamwerk saamgestel en geimplementeer moet word as deel van die implementering van korporatiewe beheer oor IT. Hierdie IT korporatiewe beheer raamwerk moet relevante strukture, prosesse en meganismes bevat wat IT daartoe instaat sal stel om waarde toe te voeg tot die onderneming. Dit is ook geïdentifiseer dat die IT korporatiewe beheer raamwerk die onderneming se vermoeë om sy doelstellings te bereik moet verbeter deur te verseker dat die mees gepaste besluite geneem word met betrekking tot die integrasie van IT in die bedrywighede van die onderneming. Laastens is daar geïdentifiseer dat ‘n maatskappy toepaslike tegnologie en mense moet bekom en aanwend om die bedrywighede van die onderneming te ondersteun. Om die vereiste vir die samestelling en implementering van relevante strukture, prosesse en meganismes aan te spreek, is ‘n raamwerk van 33 IT korporatiewe beheer praktyke geïdentifiseer, kruisverwys na die IT korporatiewe beheer beginsels van KINGIII en verder ontleed. Deur hierdie ontleding is die IT koporatiewe beheer praktyke wat aangewend kan word om die IT korporatiewe beheer beginsels te implementeer geïdentifiseer en bespreek. Om die vereiste aan te spreek dat die raamwerk fasiliteer dat die mees gepaste besluite geneem word met betrekking tot die integrasie van IT in die bedrywighede van die onderneming, is vyf sleutel besluite wat in verband met IT geneem moet word geïdentifiseer en bespreek. Die vyf besluite is (1) kruisverwys na die IT korporatiewe beheer beginsels van KINGIII om te demonstreer watter IT korporatiewe beheer beginsels deur elke besluit aangespreek word en (2) na die IT korporatiewe beheer strukture wat in die bogenoemde raamwerk geidentifiseer is om aan te dui watter IT korporatiewe beheer strukture gebruik kan word om insette te verskaf vir die neem van die vyf sleutel besluite en watter strukture gebruik kan word om die besluite te neem. Laastens, om die vereiste aan te spreek dat ‘n maatskappy toepaslike tegnologie en mense moet bekom en aanwend om sy bedrywighede te ondersteun, is ‘n raamwerk van organisatoriese bevoegdhede wat benodig word in klein tot medium-groote ondernemings (SME’s) geïdentifiseer en kruisverwys na (1) die KINGIII korporatiewe beheer beginsels om aan te dui watter IT korporatiewe beheer beginsels deur die relevante bevoegdhede aangespreek word en (2) na die vyf sleutel besluite wat hierbo geïdentifiseer is om aan te dui watter van die bevoegdhede aangewend kan word om elkeen van die vyf sleutel besluite te neem. Die stapsgewyse benadering tot die korporatiewe beheer van IT is gevolglik saamgestel met verwysing na die bevindinge van die navorsing wat uitgevoer is soos hierbo uiteengesit.

Dissertations -- Accountancy

Theses -- Accountancy

Dissertations -- Computer auditing

Theses -- Computer auditing

UCTD

Evaluation and categorization of findings according to the Minimum Requirements for the Internal Audit Function of Banks 1/2000 (German Federal Financial Supervisory Authority)

Scholz, Christian

12 1900

Thesis (MBA)- Stellenbosch University, 2004. / ENGLISH ABSTRACT: The main object of this study project is clause 14 of the circular 1/2000 "Minimum Requirements for the Internal Audit Function of Banks" of the German Federal Financial Supervisory Authority. It requires that banks have a risk management system, a risk-based audit planning and a risk-based audit procedure. These have initiated the transformation process of the internal audit functions from the traditional audit approach, which is past and present orientated, to the risk-based audit approach, which is future oriented. During audit planning the audit objects are chosen due to their inherent-risk instead of choosing them due to indications of pastrelated information or estimations. To determine the inherent-risk the audit object's risk factors have to be determined and assessed. The aim of the study is to set up a model, which allows the standardized categorization of findings according to the Minimum Requirements for the Internal Audit Function of Banks 1/2000, which requires a categorization of findings into at least three categories: shortcoming, serious shortcoming, and particular grave deficiency. The Minimum Requirements doesn't impose a restriction to the method of categorization. The survey "Categorization of Findings" revealed that all banks are categorizing the findings, but that only a few banks are using an objective method to do so. To ensure a coherent, transparent and objective classification of the findings the classification process has to be standardized. For a standardized classification process the extent of the findings have to be comparable and quantitative. Therefore, techniques and methods have to be applied, which quantifies the extent of the findings making them comparable. In order to find the right method to assess the extent of the finding one has to look at the components of a finding. A finding consists of risk, which is expressed by the occurrence probability and the extent of damage. The occurrence probability and the extent of damage are described by various risk factors, which are quantitative and qualitative. These risk factors have to be objectively evaluated and aggregated to determine the risk and thus, the extent of the finding. The main problems of this assessment are the quantification of the qualitative risk factors and the aggregation of all risk factors. For the quantification of qualitative risk factors the methods three dimensional analysis and the Delphi-Method are most appropriate. These two methods can be used for the evaluation of a quantitative risk factor as well. Furthermore, the methods sensitivity analysis, Monte Carlo simulation, and statistical methods can assist the assessment of qualitative risk factors, but these methods alone are not appropriate for the assessment of qualitative risk factors. When aggregating the assessments of the risk factors a combination of successive comparison and Scoring Model are suitable. The classification of findings for the annual audit report can be conducted by use of the ABC-Analysis. Prior to this, the scored findings have to be weighted according to the importance of the audit object for the company. All findings in class A represent serious shortcomings and particular grave defiCiencies, class B represents shortcomings, and class C negligible shortcomings. The classification process can be assisted by the use of the risk map and the risk portfolio, but the sole use of these methods would not lead to a proper classification. / AFRIKAANSE OPSOMMING: Die hoof doelwit van hierdie studieprojek is klousule 14 van die Sirkuler 1/2000 "Minimum vereistes vir die Interne Oudit funksie van banke" van die Duitse Federale Finansiele Toesighoudende gesag. Dit vereis dat banke 'n risikobestuur sisteem, 'n risiko baseerde oudit plan en risiko baseerde oudit prosedures daar stel. Hierdie verseistes het die transformasie van die interne oudit funksies inisieer, vanaf die tradisionele benadering wat op die verlede en die huidige gefokus het, tot 'n risiko gebaseerde benadering wat op die toekoms gerig is. Gedurende die oudit beplanning word die oudit onderwerpe gekies vanwee hul inherente risikos eerder as vanwee die indikasies van verlede-gebaseerde informasie of estimasies. Om die inherente risikos te bepaal, is dit nodig om die oudit onderwerp se risiko faktore te bepaal en te bereken. Die doeI van die studie is die daarstelling van 'n model vir die gestandardiseerde kategorisering van bevindinge na aanleiding van die "Minimum vereistes vir die Interne Oudit funksie van banke" in ten minste drie kategorie: leemtes, ernstige tekortkominge en spesifieke growwe tekorte. Die Minimum Vereistes beperk nie die metode van kategorisering nie. Die opname "Catagorising of Findings" toon dat al die banke wel hul bevindings kategorieseer maar dat slegs 'n paar banke 'n objektiewe metode hierin toe pas. Om verstaanbare, deursigtige en objektiewe klassifikasie van bevindinge te verseker is dit nodig dat die proses van klassifikasie gestandardiseer word. Vir 'n gestandardiseerde klassifikasie proses moet die resultate van bevindinge vergelykbaar en kwantitatief wees. Hiervoor moet tegnieke en metodes toegepas word wat die resultate van bevindinge kwantifiseer en so vergelykbaar maak. Om die regte metode te vind vir die analisering van die resultate van 'n bevinding, moet daar na die komponente van die bevinding gekyk word. 'n Bevinding bestaan uit risiko wat uitgedruk word as die gebeurlikheidswaarskynlikheid en omvang van skade. Die gebeurlikheidswaarskynlikheid en omvang van skade word beskryf deur 'n verskeidenheid van risiko faktore wat beide kwalitatief en kwantitatief van aard is. Hierdie risiko faktore moet objektief evalueer en saamgevat word om die risiko en so die omvang van die bevinding te bepaal. Die grootste probleem met die analise is die kwantifisering van die kwalitatiewe risiko faktore en die samevatting van al die risiko faktore . Vir die kwatifisering van die kwalitatiewe risiko faktore, is die Drie Dimensionele Analise en die Delphi metodes die mees toepaslikes. Hulle kan ook gebruik word vir die evaluasie van 'n kwantitatiewe risiko faktor. Verder kan die metodes van sensitiwiteitsontleding, Monte Carlo simulasie en ander statistiese metodes ook help met die berekening van kwantitatiewe risiko faktore. Hulle is egter nie toepaslik vir die berekening van kwalitatiewe risiko faktore nie. Met die aggregasie van die analiese van risiko faktore, is die kombinasie van Opeenvolgende Vergelyking en Punte Toekenning modelle ook toepaslik. Die klassifisering van bevindinge vir die jaarlikse oudit verslag kan gedoen word deur die gebruik van ABC-analise. Voorheen moes daar aan die bevindinge gewigte toegeken word in ooreenstemming met die belangrikheid van die oudit onderwerp vir die maatskappy. Alle resultate in klas A verteenwoordig ernstige tekortkominge en besonder gewigtig gebrekkig , klas B verteenwoordig tekortkominge en klas C geringe tekortkominge. Die klasifikasie proses kan bygestaan word deur die gebruik van 'n risiko kaart en risiko portefeulje. Die alleen gebruik van die metodes sal egter nie 'n ordentlike klassifikasie verseker nie.

Banks and banking -- Auditing

Auditing, Internal

Dissertations -- Business management

Theses -- Business management

The association between organizational culture and Control Self Assessment: adoption and approach choice

Pan, Ye., 潘燁.

January 2006

published_or_final_version / Business / Master / Master of Philosophy

Control self-assessment (Auditing)

Risk management.

Auditing, Internal.

Corporate culture - China - Hong Kong.